]> git.proxmox.com Git - mirror_edk2.git/blob - SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.h
projects / mirror_edk2.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
SecurityPkg: Replace BSD License with BSD+Patent License
[mirror_edk2.git] / SecurityPkg / Tcg / Opal / OpalPassword / OpalDriver.h
1 /** @file
2 Values defined and used by the Opal UEFI Driver.
3
4 Copyright (c) 2016 - 2019, Intel Corporation. All rights reserved.<BR>
5 SPDX-License-Identifier: BSD-2-Clause-Patent
6
7 **/
8
9 #ifndef _OPAL_DRIVER_H_
10 #define _OPAL_DRIVER_H_
11
12 #include <PiDxe.h>
13
14 #include <IndustryStandard/Pci.h>
15
16 #include <Protocol/PciIo.h>
17 #include <Protocol/SmmCommunication.h>
18 #include <Protocol/BlockIo.h>
19 #include <Protocol/LoadedImage.h>
20 #include <Protocol/DevicePath.h>
21 #include <Protocol/DevicePathToText.h>
22 #include <Protocol/StorageSecurityCommand.h>
23
24 #include <Guid/EventGroup.h>
25 #include <Guid/S3StorageDeviceInitList.h>
26
27 #include <Library/UefiLib.h>
28 #include <Library/UefiBootServicesTableLib.h>
29 #include <Library/UefiRuntimeServicesTableLib.h>
30 #include <Library/DxeServicesTableLib.h>
31 #include <Library/BaseMemoryLib.h>
32 #include <Library/MemoryAllocationLib.h>
33 #include <Library/BaseLib.h>
34 #include <Library/PrintLib.h>
35 #include <Library/DebugLib.h>
36 #include <Library/DevicePathLib.h>
37 #include <Library/HiiLib.h>
38 #include <Library/UefiHiiServicesLib.h>
39 #include <Library/PciLib.h>
40 #include <Library/LockBoxLib.h>
41 #include <Library/TcgStorageOpalLib.h>
42 #include <Library/Tcg2PhysicalPresenceLib.h>
43
44 #include "OpalPasswordCommon.h"
45 #include "OpalHiiFormValues.h"
46
47 #define EFI_DRIVER_NAME_UNICODE L"1.0 UEFI Opal Driver"
48
49 // UEFI 2.1
50 #define LANGUAGE_RFC_3066_ENGLISH ((CHAR8*)"en")
51
52 // UEFI/EFI < 2.1
53 #define LANGUAGE_ISO_639_2_ENGLISH ((CHAR8*)"eng")
54
55 #define CONCAT_(x, y) x ## y
56 #define CONCAT(x, y) CONCAT_(x, y)
57
58 #define UNICODE_STR(x) CONCAT( L, x )
59
60 extern EFI_DRIVER_BINDING_PROTOCOL gOpalDriverBinding;
61 extern EFI_COMPONENT_NAME_PROTOCOL gOpalComponentName;
62 extern EFI_COMPONENT_NAME2_PROTOCOL gOpalComponentName2;
63
64 #define OPAL_MSID_LENGHT 128
65
66 #define MAX_PASSWORD_TRY_COUNT 5
67
68 // PSID Length
69 #define PSID_CHARACTER_LENGTH 0x20
70 #define MAX_PSID_TRY_COUNT 5
71
72 //
73 // The max timeout value assume the user can wait for the revert action. The unit of this macro is second.
74 // If the revert time value bigger than this one, driver needs to popup a dialog to let user confirm the
75 // revert action.
76 //
77 #define MAX_ACCEPTABLE_REVERTING_TIME 10
78
79 #pragma pack(1)
80
81 //
82 // Structure that is used to represent the available actions for an OpalDisk.
83 // The data can then be utilized to expose/hide certain actions available to an end user
84 // by the consumer of this library.
85 //
86 typedef struct {
87 //
88 // Indicates if the disk can support PSID Revert action. should verify disk supports PSID authority
89 //
90 UINT16 PsidRevert : 1;
91
92 //
93 // Indicates if the disk can support Revert action
94 //
95 UINT16 Revert : 1;
96
97 //
98 // Indicates if the user must keep data for revert action. It is true if no media encryption is supported.
99 //
100 UINT16 RevertKeepDataForced : 1;
101
102 //
103 // Indicates if the disk can support set Admin password
104 //
105 UINT16 AdminPass : 1;
106
107 //
108 // Indicates if the disk can support set User password. This action requires that a user
109 // password is first enabled.
110 //
111 UINT16 UserPass : 1;
112
113 //
114 // Indicates if unlock action is available. Requires disk to be currently locked.
115 //
116 UINT16 Unlock : 1;
117
118 //
119 // Indicates if Secure Erase action is available. Action requires admin credentials and media encryption support.
120 //
121 UINT16 SecureErase : 1;
122
123 //
124 // Indicates if Disable User action is available. Action requires admin credentials.
125 //
126 UINT16 DisableUser : 1;
127 } OPAL_DISK_ACTIONS;
128
129 //
130 // Structure that is used to represent an OPAL_DISK.
131 //
132 typedef struct {
133 UINT32 MsidLength; // Byte length of MSID Pin for device
134 UINT8 Msid[OPAL_MSID_LENGHT]; // MSID Pin for device
135 EFI_STORAGE_SECURITY_COMMAND_PROTOCOL *Sscp;
136 UINT32 MediaId; // MediaId is used by Ssc Protocol.
137 EFI_DEVICE_PATH_PROTOCOL *OpalDevicePath;
138 UINT16 OpalBaseComId; // Opal SSC 1 base com id.
139 OPAL_OWNER_SHIP Owner;
140 OPAL_DISK_SUPPORT_ATTRIBUTE SupportedAttributes;
141 TCG_LOCKING_FEATURE_DESCRIPTOR LockingFeature; // Locking Feature Descriptor retrieved from performing a Level 0 Discovery
142 UINT8 PasswordLength;
143 UINT8 Password[OPAL_MAX_PASSWORD_SIZE];
144
145 UINT32 EstimateTimeCost;
146 } OPAL_DISK;
147
148 //
149 // Device with block IO protocol
150 //
151 typedef struct _OPAL_DRIVER_DEVICE OPAL_DRIVER_DEVICE;
152
153 struct _OPAL_DRIVER_DEVICE {
154 OPAL_DRIVER_DEVICE *Next; ///< Linked list pointer
155 EFI_HANDLE Handle; ///< Device handle
156 OPAL_DISK OpalDisk; ///< User context
157 CHAR16 *Name16; ///< Allocated/freed by UEFI Filter Driver at device creation/removal
158 CHAR8 *NameZ; ///< Allocated/freed by UEFI Filter Driver at device creation/removal
159 UINT32 MediaId; ///< Required parameter for EFI_STORAGE_SECURITY_COMMAND_PROTOCOL, from BLOCK_IO_MEDIA
160
161 EFI_STORAGE_SECURITY_COMMAND_PROTOCOL *Sscp; /// Device protocols consumed
162 EFI_DEVICE_PATH_PROTOCOL *OpalDevicePath;
163 };
164
165 //
166 // Opal Driver UEFI Driver Model
167 //
168 typedef struct {
169 EFI_HANDLE Handle; ///< Driver image handle
170 OPAL_DRIVER_DEVICE *DeviceList; ///< Linked list of controllers owned by this Driver
171 } OPAL_DRIVER;
172
173 #pragma pack()
174
175 //
176 // Retrieves a OPAL_DRIVER_DEVICE based on the pointer to its StorageSecurity protocol.
177 //
178 #define DRIVER_DEVICE_FROM_OPALDISK(OpalDiskPointer) (OPAL_DRIVER_DEVICE*)(BASE_CR(OpalDiskPointer, OPAL_DRIVER_DEVICE, OpalDisk))
179
180 /**
181 Get devcie list info.
182
183 @retval return the device list pointer.
184 **/
185 OPAL_DRIVER_DEVICE*
186 OpalDriverGetDeviceList(
187 VOID
188 );
189
190 /**
191 Get devcie name through the component name protocol.
192
193 @param[in] Dev The device which need to get name.
194
195 @retval TRUE Find the name for this device.
196 @retval FALSE Not found the name for this device.
197 **/
198 BOOLEAN
199 OpalDriverGetDriverDeviceName(
200 OPAL_DRIVER_DEVICE *Dev
201 );
202
203 /**
204 Get current device count.
205
206 @retval return the current created device count.
207
208 **/
209 UINT8
210 GetDeviceCount (
211 VOID
212 );
213
214 /**
215 Update password for the Opal disk.
216
217 @param[in, out] OpalDisk The disk to update password.
218 @param[in] Password The input password.
219 @param[in] PasswordLength The input password length.
220
221 **/
222 VOID
223 OpalSupportUpdatePassword (
224 IN OUT OPAL_DISK *OpalDisk,
225 IN VOID *Password,
226 IN UINT32 PasswordLength
227 );
228
229 /**
230
231 The function performs determines the available actions for the OPAL_DISK provided.
232
233 @param[in] SupportedAttributes The support attribute for the device.
234 @param[in] LockingFeature The locking status for the device.
235 @param[in] OwnerShip The ownership for the device.
236 @param[out] AvalDiskActions Pointer to fill-out with appropriate disk actions.
237
238 **/
239 TCG_RESULT
240 EFIAPI
241 OpalSupportGetAvailableActions(
242 IN OPAL_DISK_SUPPORT_ATTRIBUTE *SupportedAttributes,
243 IN TCG_LOCKING_FEATURE_DESCRIPTOR *LockingFeature,
244 IN UINT16 OwnerShip,
245 OUT OPAL_DISK_ACTIONS *AvalDiskActions
246 );
247
248 /**
249 Enable Opal Feature for the input device.
250
251 @param[in] Session The opal session for the opal device.
252 @param[in] Msid Msid
253 @param[in] MsidLength Msid Length
254 @param[in] Password Admin password
255 @param[in] PassLength Length of password in bytes
256
257 **/
258 TCG_RESULT
259 EFIAPI
260 OpalSupportEnableOpalFeature (
261 IN OPAL_SESSION *Session,
262 IN VOID *Msid,
263 IN UINT32 MsidLength,
264 IN VOID *Password,
265 IN UINT32 PassLength
266 );
267
268 /**
269 Unloads UEFI Driver. Very useful for debugging and testing.
270
271 @param ImageHandle Image handle this driver.
272
273 @retval EFI_SUCCESS This function always complete successfully.
274 @retval EFI_INVALID_PARAMETER The input ImageHandle is not valid.
275 **/
276 EFI_STATUS
277 EFIAPI
278 EfiDriverUnload(
279 EFI_HANDLE ImageHandle
280 );
281
282
283 /**
284 Test to see if this driver supports Controller.
285
286 @param This Protocol instance pointer.
287 @param ControllerHandle Handle of device to test
288 @param RemainingDevicePath Optional parameter use to pick a specific child
289 device to start.
290
291 @retval EFI_SUCCESS This driver supports this device.
292 @retval EFI_ALREADY_STARTED This driver is already running on this device.
293 @retval other This driver does not support this device.
294
295 **/
296 EFI_STATUS
297 EFIAPI
298 OpalEfiDriverBindingSupported(
299 EFI_DRIVER_BINDING_PROTOCOL* This,
300 EFI_HANDLE Controller,
301 EFI_DEVICE_PATH_PROTOCOL* RemainingDevicePath
302 );
303
304 /**
305 Enables Opal Management on a supported device if available.
306
307 The start function is designed to be called after the Opal UEFI Driver has confirmed the
308 "controller", which is a child handle, contains the EF_STORAGE_SECURITY_COMMAND protocols.
309 This function will complete the other necessary checks, such as verifying the device supports
310 the correct version of Opal. Upon verification, it will add the device to the
311 Opal HII list in order to expose Opal managmeent options.
312
313 @param[in] This A pointer to the EFI_DRIVER_BINDING_PROTOCOL instance.
314 @param[in] ControllerHandle The handle of the controller to start. This handle
315 must support a protocol interface that supplies
316 an I/O abstraction to the driver.
317 @param[in] RemainingDevicePath A pointer to the remaining portion of a device path. This
318 parameter is ignored by device drivers, and is optional for bus
319 drivers. For a bus driver, if this parameter is NULL, then handles
320 for all the children of Controller are created by this driver.
321 If this parameter is not NULL and the first Device Path Node is
322 not the End of Device Path Node, then only the handle for the
323 child device specified by the first Device Path Node of
324 RemainingDevicePath is created by this driver.
325 If the first Device Path Node of RemainingDevicePath is
326 the End of Device Path Node, no child handle is created by this
327 driver.
328
329 @retval EFI_SUCCESS Opal management was enabled.
330 @retval EFI_DEVICE_ERROR The device could not be started due to a device error.Currently not implemented.
331 @retval EFI_OUT_OF_RESOURCES The request could not be completed due to a lack of resources.
332 @retval Others The driver failed to start the device.
333
334 **/
335 EFI_STATUS
336 EFIAPI
337 OpalEfiDriverBindingStart(
338 EFI_DRIVER_BINDING_PROTOCOL* This,
339 EFI_HANDLE Controller,
340 EFI_DEVICE_PATH_PROTOCOL* RemainingDevicePath
341 );
342
343 /**
344 Stop this driver on Controller.
345
346 @param This Protocol instance pointer.
347 @param Controller Handle of device to stop driver on
348 @param NumberOfChildren Number of Handles in ChildHandleBuffer. If number of
349 children is zero stop the entire bus driver.
350 @param ChildHandleBuffer List of Child Handles to Stop.
351
352 @retval EFI_SUCCESS This driver is removed Controller.
353 @retval other This driver could not be removed from this device.
354
355 **/
356 EFI_STATUS
357 EFIAPI
358 OpalEfiDriverBindingStop(
359 EFI_DRIVER_BINDING_PROTOCOL* This,
360 EFI_HANDLE Controller,
361 UINTN NumberOfChildren,
362 EFI_HANDLE* ChildHandleBuffer
363 );
364
365 /**
366 Retrieves a Unicode string that is the user readable name of the driver.
367
368 This function retrieves the user readable name of a driver in the form of a
369 Unicode string. If the driver specified by This has a user readable name in
370 the language specified by Language, then a pointer to the driver name is
371 returned in DriverName, and EFI_SUCCESS is returned. If the driver specified
372 by This does not support the language specified by Language,
373 then EFI_UNSUPPORTED is returned.
374
375 @param This[in] A pointer to the EFI_COMPONENT_NAME2_PROTOCOL or
376 EFI_COMPONENT_NAME_PROTOCOL instance.
377
378 @param Language[in] A pointer to a Null-terminated ASCII string
379 array indicating the language. This is the
380 language of the driver name that the caller is
381 requesting, and it must match one of the
382 languages specified in SupportedLanguages. The
383 number of languages supported by a driver is up
384 to the driver writer. Language is specified
385 in RFC 4646 or ISO 639-2 language code format.
386
387 @param DriverName[out] A pointer to the Unicode string to return.
388 This Unicode string is the name of the
389 driver specified by This in the language
390 specified by Language.
391
392 @retval EFI_SUCCESS The Unicode string for the Driver specified by
393 This and the language specified by Language was
394 returned in DriverName.
395
396 @retval EFI_INVALID_PARAMETER Language is NULL.
397
398 @retval EFI_INVALID_PARAMETER DriverName is NULL.
399
400 @retval EFI_UNSUPPORTED The driver specified by This does not support
401 the language specified by Language.
402
403 **/
404 EFI_STATUS
405 EFIAPI
406 OpalEfiDriverComponentNameGetDriverName(
407 EFI_COMPONENT_NAME_PROTOCOL* This,
408 CHAR8* Language,
409 CHAR16** DriverName
410 );
411
412 /**
413 Retrieves a Unicode string that is the user readable name of the controller
414 that is being managed by a driver.
415
416 This function retrieves the user readable name of the controller specified by
417 ControllerHandle and ChildHandle in the form of a Unicode string. If the
418 driver specified by This has a user readable name in the language specified by
419 Language, then a pointer to the controller name is returned in ControllerName,
420 and EFI_SUCCESS is returned. If the driver specified by This is not currently
421 managing the controller specified by ControllerHandle and ChildHandle,
422 then EFI_UNSUPPORTED is returned. If the driver specified by This does not
423 support the language specified by Language, then EFI_UNSUPPORTED is returned.
424
425 @param This[in] A pointer to the EFI_COMPONENT_NAME2_PROTOCOL or
426 EFI_COMPONENT_NAME_PROTOCOL instance.
427
428 @param ControllerHandle[in] The handle of a controller that the driver
429 specified by This is managing. This handle
430 specifies the controller whose name is to be
431 returned.
432
433 @param ChildHandle[in] The handle of the child controller to retrieve
434 the name of. This is an optional parameter that
435 may be NULL. It will be NULL for device
436 drivers. It will also be NULL for a bus drivers
437 that wish to retrieve the name of the bus
438 controller. It will not be NULL for a bus
439 driver that wishes to retrieve the name of a
440 child controller.
441
442 @param Language[in] A pointer to a Null-terminated ASCII string
443 array indicating the language. This is the
444 language of the driver name that the caller is
445 requesting, and it must match one of the
446 languages specified in SupportedLanguages. The
447 number of languages supported by a driver is up
448 to the driver writer. Language is specified in
449 RFC 4646 or ISO 639-2 language code format.
450
451 @param ControllerName[out] A pointer to the Unicode string to return.
452 This Unicode string is the name of the
453 controller specified by ControllerHandle and
454 ChildHandle in the language specified by
455 Language from the point of view of the driver
456 specified by This.
457
458 @retval EFI_SUCCESS The Unicode string for the user readable name in
459 the language specified by Language for the
460 driver specified by This was returned in
461 DriverName.
462
463 @retval EFI_INVALID_PARAMETER ControllerHandle is NULL.
464
465 @retval EFI_INVALID_PARAMETER ChildHandle is not NULL and it is not a valid
466 EFI_HANDLE.
467
468 @retval EFI_INVALID_PARAMETER Language is NULL.
469
470 @retval EFI_INVALID_PARAMETER ControllerName is NULL.
471
472 @retval EFI_UNSUPPORTED The driver specified by This is not currently
473 managing the controller specified by
474 ControllerHandle and ChildHandle.
475
476 @retval EFI_UNSUPPORTED The driver specified by This does not support
477 the language specified by Language.
478
479 **/
480 EFI_STATUS
481 EFIAPI
482 OpalEfiDriverComponentNameGetControllerName(
483 EFI_COMPONENT_NAME_PROTOCOL* This,
484 EFI_HANDLE ControllerHandle,
485 EFI_HANDLE ChildHandle,
486 CHAR8* Language,
487 CHAR16** ControllerName
488 );
489
490 /**
491 Retrieves a Unicode string that is the user readable name of the driver.
492
493 This function retrieves the user readable name of a driver in the form of a
494 Unicode string. If the driver specified by This has a user readable name in
495 the language specified by Language, then a pointer to the driver name is
496 returned in DriverName, and EFI_SUCCESS is returned. If the driver specified
497 by This does not support the language specified by Language,
498 then EFI_UNSUPPORTED is returned.
499
500 @param This[in] A pointer to the EFI_COMPONENT_NAME2_PROTOCOL or
501 EFI_COMPONENT_NAME_PROTOCOL instance.
502
503 @param Language[in] A pointer to a Null-terminated ASCII string
504 array indicating the language. This is the
505 language of the driver name that the caller is
506 requesting, and it must match one of the
507 languages specified in SupportedLanguages. The
508 number of languages supported by a driver is up
509 to the driver writer. Language is specified
510 in RFC 4646 or ISO 639-2 language code format.
511
512 @param DriverName[out] A pointer to the Unicode string to return.
513 This Unicode string is the name of the
514 driver specified by This in the language
515 specified by Language.
516
517 @retval EFI_SUCCESS The Unicode string for the Driver specified by
518 This and the language specified by Language was
519 returned in DriverName.
520
521 @retval EFI_INVALID_PARAMETER Language is NULL.
522
523 @retval EFI_INVALID_PARAMETER DriverName is NULL.
524
525 @retval EFI_UNSUPPORTED The driver specified by This does not support
526 the language specified by Language.
527
528 **/
529 EFI_STATUS
530 EFIAPI
531 OpalEfiDriverComponentName2GetDriverName(
532 EFI_COMPONENT_NAME2_PROTOCOL* This,
533 CHAR8* Language,
534 CHAR16** DriverName
535 );
536
537 /**
538 Retrieves a Unicode string that is the user readable name of the controller
539 that is being managed by a driver.
540
541 This function retrieves the user readable name of the controller specified by
542 ControllerHandle and ChildHandle in the form of a Unicode string. If the
543 driver specified by This has a user readable name in the language specified by
544 Language, then a pointer to the controller name is returned in ControllerName,
545 and EFI_SUCCESS is returned. If the driver specified by This is not currently
546 managing the controller specified by ControllerHandle and ChildHandle,
547 then EFI_UNSUPPORTED is returned. If the driver specified by This does not
548 support the language specified by Language, then EFI_UNSUPPORTED is returned.
549
550 @param This[in] A pointer to the EFI_COMPONENT_NAME2_PROTOCOL or
551 EFI_COMPONENT_NAME_PROTOCOL instance.
552
553 @param ControllerHandle[in] The handle of a controller that the driver
554 specified by This is managing. This handle
555 specifies the controller whose name is to be
556 returned.
557
558 @param ChildHandle[in] The handle of the child controller to retrieve
559 the name of. This is an optional parameter that
560 may be NULL. It will be NULL for device
561 drivers. It will also be NULL for a bus drivers
562 that wish to retrieve the name of the bus
563 controller. It will not be NULL for a bus
564 driver that wishes to retrieve the name of a
565 child controller.
566
567 @param Language[in] A pointer to a Null-terminated ASCII string
568 array indicating the language. This is the
569 language of the driver name that the caller is
570 requesting, and it must match one of the
571 languages specified in SupportedLanguages. The
572 number of languages supported by a driver is up
573 to the driver writer. Language is specified in
574 RFC 4646 or ISO 639-2 language code format.
575
576 @param ControllerName[out] A pointer to the Unicode string to return.
577 This Unicode string is the name of the
578 controller specified by ControllerHandle and
579 ChildHandle in the language specified by
580 Language from the point of view of the driver
581 specified by This.
582
583 @retval EFI_SUCCESS The Unicode string for the user readable name in
584 the language specified by Language for the
585 driver specified by This was returned in
586 DriverName.
587
588 @retval EFI_INVALID_PARAMETER ControllerHandle is NULL.
589
590 @retval EFI_INVALID_PARAMETER ChildHandle is not NULL and it is not a valid
591 EFI_HANDLE.
592
593 @retval EFI_INVALID_PARAMETER Language is NULL.
594
595 @retval EFI_INVALID_PARAMETER ControllerName is NULL.
596
597 @retval EFI_UNSUPPORTED The driver specified by This is not currently
598 managing the controller specified by
599 ControllerHandle and ChildHandle.
600
601 @retval EFI_UNSUPPORTED The driver specified by This does not support
602 the language specified by Language.
603
604 **/
605 EFI_STATUS
606 EFIAPI
607 OpalEfiDriverComponentName2GetControllerName(
608 EFI_COMPONENT_NAME2_PROTOCOL* This,
609 EFI_HANDLE ControllerHandle,
610 EFI_HANDLE ChildHandle,
611 CHAR8* Language,
612 CHAR16** ControllerName
613 );
614
615 #endif //_OPAL_DRIVER_H_
EFI Development Kit II mirror for PVE